New & Notable
Get Started
How to create a third-party risk management policy
NIST's Cybersecurity Framework offers some helpful tips for organizations to fortify their third-party risk management strategies. Here's how to implement them.
Manage
How to build an effective purple team playbook
Enterprises across a wide variety of vertical industries can benefit from purple team exercises that harness red and blue teams toward a common goal: reducing vulnerabilities.
News
Chainalysis records 35% decrease in ransom payments in 2024
While the first half of 2024 was on pace to surpass 2023's record-setting numbers, Chainalysis found that the volume of ransom payments dropped in the second half of the year.
News
AMD, Google disclose Zen processor microcode vulnerability
AMD said CVE-2024-56161, which first leaked last month, requires an attacker to have local administrator privileges as well as developed and executed malicious microcode.
Trending Topics
-
Data Security & Privacy News
Wiz reveals DeepSeek database exposed API keys, chat history
Wiz expressed concern about security shortcomings with AI tools and services amid the rapid adoption and rising popularity of offerings like DeepSeek-R1.
-
Threats & Vulnerabilities News
Zyxel won't patch end-of-life routers against zero-day attacks
Networking hardware vendor Zyxel has no plans to patch multiple end-of-life routers against new zero-day flaws and advises customers to replace affected devices entirely.
-
IAM Evaluate
Cloud PAM benefits, challenges and adoption best practices
Cloud PAM helps organizations manage access to privileged accounts to keep cloud data and applications secured. Is it right for your organization?
-
Analytics & Automation News
Risk & Repeat: DeepSeek security issues emerge
The introduction of DeepSeek's new generative AI models has been met with fervor, but security issues have created apparent challenges for the Chinese startup.
-
Network Security News
NSFocus: DeepSeek AI hit with 'well planned' DDoS attacks
Cybersecurity vendor NSFocus said AI startup DeepSeek endured multiple waves of DDoS attacks from attackers since its reasoning model was released Jan. 20.
-
Operations & Management Evaluate
Too many 'point'less tools: Platformization is better
Will 2025 be the year organizations ditch multiple point products and take a platform approach? Enterprise Strategy Group analyst Tyler Shields thinks it should be.
Sponsored Sites
-
IT Workflows
Transform Your Organization With Modern and Resilient IT Services
Learn how ServiceNow’s IT solutions can help your organization seize the upside of operational resilience and raise employee agility.
-
Networking
Verizon Private 5G Edge - Enterprise Intelligence
Verizon is leading the development of secure cloud computing power at the edge of the network. Hosting applications at the network edge helps improve response times and performance – enabling the faster collection, processing and analysis of data for better business outcomes, and true Enterprise Intelligence.
-
Security
One Identity | Integrated Cybersecurity for all Your Identities
Learn how One Identity provides integrated cybersecurity solutions, delivering a truly unified identity platform and streamlining management across on-premises and cloud resources.
Topics Covered
Application and platform security
Careers and certifications
Cloud security
Compliance
Data security and privacy
Identity and access management
Network security
Risk management
Security analytics and automation
Security operations and management
Threat detection and response
Threats and vulnerabilities
Featured Authors
Find Solutions For Your Project
-
Evaluate
Cloud PAM benefits, challenges and adoption best practices
Cloud PAM helps organizations manage access to privileged accounts to keep cloud data and applications secured. Is it right for your organization?
-
Comparing top identity and access management certifications
-
Data sovereignty compliance challenges and best practices
-
Too many 'point'less tools: Platformization is better
-
-
Problem Solve
Enterprise cybersecurity hygiene checklist for 2025
Enterprise cybersecurity hygiene must be a shared responsibility between employees and employers. Learn how both can get the job done with this checklist.
-
How to protect against malware as a service
-
How to recover from a DDoS attack
-
Biometric privacy and security challenges to know
-
-
Manage
How to build an effective purple team playbook
Enterprises across a wide variety of vertical industries can benefit from purple team exercises that harness red and blue teams toward a common goal: reducing vulnerabilities.
-
Adopt passkeys over passwords to improve UX, drive revenue
-
Top 12 online cybersecurity courses for 2025
-
Top 15 email security best practices for 2025
-
Information Security Basics
-
Get Started
How to create a third-party risk management policy
NIST's Cybersecurity Framework offers some helpful tips for organizations to fortify their third-party risk management strategies. Here's how to implement them.
-
Get Started
What is Internet Key Exchange (IKE)?
Internet Key Exchange (IKE) is a standard protocol used to set up a secure and authenticated communication channel between two parties via a virtual private network (VPN).
-
Get Started
What is a certificate revocation list (CRL) and how is it used?
A certificate revocation list (CRL) is a list of digital certificates that have been revoked by the issuing certificate authority (CA) before their actual or assigned expiration date.
Multimedia
-
News
View All -
Threats and vulnerabilities
Zyxel won't patch end-of-life routers against zero-day attacks
Networking hardware vendor Zyxel has no plans to patch multiple end-of-life routers against new zero-day flaws and advises customers to replace affected devices entirely.
-
Threat detection and response
Chainalysis records 35% decrease in ransom payments in 2024
While the first half of 2024 was on pace to surpass 2023's record-setting numbers, Chainalysis found that the volume of ransom payments dropped in the second half of the year.
-
Threats and vulnerabilities
AMD, Google disclose Zen processor microcode vulnerability
AMD said CVE-2024-56161, which first leaked last month, requires an attacker to have local administrator privileges as well as developed and executed malicious microcode.
Search Security Definitions
- What is Internet Key Exchange (IKE)?
- What is a certificate revocation list (CRL) and how is it used?
- What is cryptology?
- What is biometric verification?
- What is DOS (Disk Operating System)?
- What is biometrics?
- What is a password?
- What is a hardware security module?